<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>Release 7.4.28</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REV="MADE"
HREF="mailto:pgsql-docs@postgresql.org"><LINK
REL="HOME"
TITLE="PostgreSQL 9.1.2 Documentation"
HREF="index.html"><LINK
REL="UP"
TITLE="Release Notes"
HREF="release.html"><LINK
REL="PREVIOUS"
TITLE="Release 7.4.29"
HREF="release-7-4-29.html"><LINK
REL="NEXT"
TITLE="Release 7.4.27"
HREF="release-7-4-27.html"><LINK
REL="STYLESHEET"
TYPE="text/css"
HREF="stylesheet.css"><META
HTTP-EQUIV="Content-Type"
CONTENT="text/html; charset=ISO-8859-1"><META
NAME="creation"
CONTENT="2011-12-01T22:07:59"></HEAD
><BODY
CLASS="SECT1"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="5"
ALIGN="center"
VALIGN="bottom"
><A
HREF="index.html"
>PostgreSQL 9.1.2 Documentation</A
></TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="top"
><A
TITLE="Release 7.4.29"
HREF="release-7-4-29.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="top"
><A
HREF="release.html"
ACCESSKEY="U"
>Up</A
></TD
><TD
WIDTH="60%"
ALIGN="center"
VALIGN="bottom"
>Appendix E. Release Notes</TD
><TD
WIDTH="20%"
ALIGN="right"
VALIGN="top"
><A
TITLE="Release 7.4.27"
HREF="release-7-4-27.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="RELEASE-7-4-28"
>E.117. Release 7.4.28</A
></H1
><DIV
CLASS="NOTE"
><BLOCKQUOTE
CLASS="NOTE"
><P
><B
>Release Date: </B
>2010-03-15</P
></BLOCKQUOTE
></DIV
><P
>   This release contains a variety of fixes from 7.4.27.
   For information about new features in the 7.4 major release, see
   <A
HREF="release-7-4.html"
>Section E.145</A
>.
  </P
><P
>   The <SPAN
CLASS="PRODUCTNAME"
>PostgreSQL</SPAN
> community will stop releasing updates
   for the 7.4.X release series in July 2010.
   Users are encouraged to update to a newer release branch soon.
  </P
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN124356"
>E.117.1. Migration to Version 7.4.28</A
></H2
><P
>    A dump/restore is not required for those running 7.4.X.
    However, if you are upgrading from a version earlier than 7.4.26,
    see the release notes for 7.4.26.
   </P
></DIV
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN124359"
>E.117.2. Changes</A
></H2
><P
></P
><UL
><LI
><P
>      Add new configuration parameter <TT
CLASS="VARNAME"
>ssl_renegotiation_limit</TT
> to
      control how often we do session key renegotiation for an SSL connection
      (Magnus)
     </P
><P
>      This can be set to zero to disable renegotiation completely, which may
      be required if a broken SSL library is used.  In particular, some
      vendors are shipping stopgap patches for CVE-2009-3555 that cause
      renegotiation attempts to fail.
     </P
></LI
><LI
><P
>      Make <CODE
CLASS="FUNCTION"
>substring()</CODE
> for <TT
CLASS="TYPE"
>bit</TT
> types treat any negative
      length as meaning <SPAN
CLASS="QUOTE"
>"all the rest of the string"</SPAN
> (Tom)
     </P
><P
>      The previous coding treated only -1 that way, and would produce an
      invalid result value for other negative values, possibly leading to
      a crash (CVE-2010-0442).
     </P
></LI
><LI
><P
>      Fix some cases of pathologically slow regular expression matching (Tom)
     </P
></LI
><LI
><P
>      When reading <TT
CLASS="FILENAME"
>pg_hba.conf</TT
> and related files, do not treat
      <TT
CLASS="LITERAL"
>@something</TT
> as a file inclusion request if the <TT
CLASS="LITERAL"
>@</TT
>
      appears inside quote marks; also, never treat <TT
CLASS="LITERAL"
>@</TT
> by itself
      as a file inclusion request (Tom)
     </P
><P
>      This prevents erratic behavior if a role or database name starts with
      <TT
CLASS="LITERAL"
>@</TT
>.  If you need to include a file whose path name
      contains spaces, you can still do so, but you must write
      <TT
CLASS="LITERAL"
>@"/path to/file"</TT
> rather than putting the quotes around
      the whole construct.
     </P
></LI
><LI
><P
>      Prevent infinite loop on some platforms if a directory is named as
      an inclusion target in <TT
CLASS="FILENAME"
>pg_hba.conf</TT
> and related files
      (Tom)
     </P
></LI
><LI
><P
>      Ensure PL/Tcl initializes the Tcl interpreter fully (Tom)
     </P
><P
>      The only known symptom of this oversight is that the Tcl
      <TT
CLASS="LITERAL"
>clock</TT
> command misbehaves if using Tcl 8.5 or later.
     </P
></LI
><LI
><P
>      Prevent crash in <TT
CLASS="FILENAME"
>contrib/dblink</TT
> when too many key
      columns are specified to a <CODE
CLASS="FUNCTION"
>dblink_build_sql_*</CODE
> function
      (Rushabh Lathia, Joe Conway)
     </P
></LI
></UL
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="release-7-4-29.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="index.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="release-7-4-27.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Release 7.4.29</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="release.html"
ACCESSKEY="U"
>Up</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Release 7.4.27</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>